<?PHP

class sessions
{
	var $time;
	var $user_name;
	var $user_password;
	var $logged_in;
	var $post;
	var $error;
	var $user_data;
	var $login_mode;
	var $mode;
	var $log_in_success = FALSE;
	var $answer;
	var $check_session=false;
	var $fb;
	
	
	function sessions()
	{
		

		$this->time = time();
      	$this->start_session();
	}
	
	function start_session()
	{
		session_start();
		if(!empty($_POST['login']))
		{
			$this->mode='login';
		}
		$this->logged_in=$this->check_login();
				
	}
	
	
	function verify_secret()
	{
		$w[0]='user_email';
		$w[1]=$_SESSION['user_email'];
		$w[2]='=';
		$where[]=$w;

		$data=get_sql('user','user_id',$where,NULL);
		$data=current($data);
		$this->user_data=$data;
	
		if($data['user_answer']==strtoupper($this->answer))
		{
		
			$this->remove_active_user();
				$this->add_active_user();
				$_SESSION['secret']=0;
			return true;
		}
		else
		{
			return false;
			
		}
	}
	
	function add_active_user()
	{
		$this->remove_active_user();
		$rows[]="user_name"; 
		$rows[]="user_timestamp";
		
		$values[]=$this->user_data['user_name']; 
		$values[]=$this->time;
		
		$post['user_name']=$this->user_data['user_name'];
		$post['user_email']=$this->user_data['user_email']; 
		$post['user_timestamp']=$this->time;
		$post['user_hash']=randomchar();
		$_SESSION['user_hash']=$post['user_hash'];
		$post['user_ip']=$_SERVER['REMOTE_ADDR'];
		//insert_sql('active_user',$rows,$values,TRUE);
		process_sql_post($post,'active_user','replace','id');
	}
	
	function remove_active_user()
	{
			mp('deleteing active user');
			delete_sql('active_user','user_email',$_SESSION['user_email'],TRUE);

	}
	
	function check_login()
	{
		global $conf;
		if($conf->facebook)
		{
			$this->facebook_check_user();	
		}
		
			

		if(!empty($this->fb['uid']))
		{
			$fb_user=$this->facebook_match_user();
			
			if(!empty($fb_user))
			{
					$fb_user_data=current($fb_user);

					$this->user_name = $_SESSION['user_name'] = $fb_user_data['user_name'];
			         $this->user_id   = $_SESSION['user_id']   = $fb_user_data['user_id'];
					 $this->user_level   = $_SESSION['user_level']   = $fb_user_data['user_level'];

					$this->facebook_login();
			}
			else if(empty($fb_user) && $conf->key!='fbsignup')
			{
				
				
				header("Location: ".$conf->absolute_path."user/fbsignup");
			}
	
		
		//	echo 'match';
		}
		if($_SESSION['fb_login']==true && empty($this->fb['uid']))
		{
			$this->facebook_logout();
		}
		if(isset($_COOKIE['cook_name']) && isset($_COOKIE['cookid'])){
         $this->user_name = $_SESSION['user_name'] = $_COOKIE['cook_name'] = $conf->user_name;;
         $this->user_id   = $_SESSION['user_id']   = $_COOKIE['cook_id']= $conf->user_id;
		 $this->user_level   = $_SESSION['user_level']   = $_COOKIE['cook_level'];
      	}
		
		if(isset($_SESSION['user_name']) && isset($_SESSION['user_id']) && $_SESSION['user_level'] >= 1 )
		{
		
			$user->user_where[0][0]='user_id';
			$user->user_where[0][1]=$_SESSION['user_id'];
			$user->user_where[0][2]='=';
			$user->user_data=getlistfiltered2('user',NULL,NULL,$user->user_where,FALSE,FALSE,FALSE);
			$this->user_data=$user->user_data[0];
			return true;
		}
		else
		{
			
			
			$this->log_in_guest();
			return false;
			
		}
		
		
      
	}
	function facebook_login()
	{
		$_SESSION['user_auth'] =true;
		$_SESSION['fb_login']=true;
	}
	
	function facebook_logout()
	{
		$this->logout();
		$_SESSION['fb_login']=false;
		$_SESSION['user_auth'] =false;
	}
	function facebook_match_user()
	{
		$w[0]='user_fb_uid';
		$w[1]=$this->fb['uid'];
		$w[2]='=';
		$where[]=$w;
		$user_data=get_sql('user','user_id',$where,NULL);
		return $user_data;
	//	print_r($user_data);
	}
	
	function facebook_check_user()
	{
		global $conf;
		
		if($conf->facebook)
		{
			
		
			$facebook = new Facebook(array(
			  'appId'  => $conf->a['fb-app-id'],
			  'secret' => $conf->a['fb-app-secret'],
			  'cookie' => true,
			));
			$session = $facebook->getSession();
			$this->fb['session']=$session;
			$this->fb['appId']=$facebook->getAppId();
		//	print_r($session);
		
			$me = null;
			// Session based API call.
			if ($session) {
			  try {
			    $uid = $facebook->getUser();
			    $me = $facebook->api('/me');
			  } catch (FacebookApiException $e) {
			    error_log($e);
			  }
			}
			$this->fb['me']=$me;
			
			rp($me);
			if ($me) {
			  $this->fb['logoutUrl'] = $facebook->getLogoutUrl();
				$this->fb['uid']=$session['uid'];
			} else {
			  $this->fb['loginUrl'] = $facebook->getLoginUrl();
			$this->fb['uid']=NULL;
			}
		}
		
		
		
	
		
	}
	function log_in_guest()
	{
		
		$_SESSION['secret']=0;
		$_SESSION['user_name'] ='GUEST';
		$_SESSION['user_level'] = 0;
		$_SESSION['user_id'] ='GUEST';
		$_SESSION['user_hash'] ='';
		$_SESSION['user_auth'] =false;
		
		global $conf;
		if($conf->admin && $conf->script_name !="index.php" && $this->mode != 'login')
		{
		//	mp('ipasa mo');
				header('Location: index.php');
		}

	
	}
	function log_in()
	{
		global $conf;
	
		$user=& new user();
		if($this->login_mode=='email')
		{
			$user->user_where[0][0]='user_email';
			$user->user_where[0][1]=$this->post['user_name'];
			$user->user_where[0][2]='=';
			
			$v['where']=$user->user_where; 
			$v['table']='user'; 
			$user->user_data=sql_get_list($v);
			

		}
		else
		{
			$user->user_where[0][0]='user_name';
			$user->user_where[0][1]=$this->post['user_name'];
			$user->user_where[0][2]='=';
			
			$v['where']=$user->user_where; 
			$v['table']='user'; 
			$user->user_data=sql_get_list($v);
		}
		
		
	
		
		mp('grabbing data');
		if(empty($user->user_data))
		{
			$conf->errors[]='User not Found';
			mp("User Not Found");
			return false;
		}
		
		//if($check_session)
	//	{
			$w[0]='user_email';
			$w[1]=$user->user_data[0]['user_email'];
			$w[2]='=';
			$where[]=$w;
			$data=get_sql('active_user','user_email',$where,NULL);
			rp($data);
	
			mp('checking session');
	//		$conf->errors[]='User not Confirmed';
	//	}
		
		if($user->user_data[0]['user_confirm']==0)
		{
			$conf->errors[]='User not Confirmed';
			mp("Not Confirmed");
			return false;
		}
		
		$this->user_password=md5($this->post['user_password']);
		if($user->user_data[0]['user_password'] != $this->user_password)
		{
			mp("Password");
			$conf->errors[]='Wrong Password';
			return false;
		}
			
			
			
			mp("writing Values".$user->user_data[0]['user_level']);
			$conf->messages[]='Successfully Logged In';
			$this->log_in_success=true;
			$_SESSION['user_name']=$user->user_data[0]['user_name'];
		
			$_SESSION['user_id']=$user->user_data[0]['user_id'];
			$_SESSION['user_level']=$user->user_data[0]['user_level'];
			$_SESSION['user_email']=$user->user_data[0]['user_email'];
			$_SESSION['user_auth']=true;
			$_SESSION['ud']=$user->user_data;
			$this->user_data=$user->user_data[0];
			
				if(!empty($data))
				{
						$_SESSION['secret']=1;
				}
				else
				{		$_SESSION['secret']=0;
						$this->add_active_user();
				}
		
				if($check_session)
				{
					setcookie("cook_name", $user->user_data[0]['user_name'], time()+10000, "/");
		      	 	setcookie("cook_id",   $user->user_data[0]['user_id'],   time()+10000, "/");

				}
				else
				{
					setcookie("cook_name", $user->user_data[0]['user_name'], time()+10000, "/");
		      	 	setcookie("cook_id",   $user->user_data[0]['user_id'],   time()+10000, "/");
				}
	    	
  			$this->logged_in = true;

		//	mp('ref:'.$this->post['referrer']);
			header('Location: '.$conf->path);
			return true;
			


	}
	
	function check_session_hash()
	{
		
	}
	
	
	function logout()
	{
		
		if(isset($_COOKIE['cook_name']) && isset($_COOKIE['cook_id'])){
         setcookie("cook_name", "", time()-1000, "/");
         setcookie("cook_id",   "", time()-1000, "/");
      	}
		if($_SESSION['secret']!=1)
		{
			$this->remove_active_user();
		}
		
		unset($_SESSION['secret']);
      	unset($_SESSION['user_name']);
      	unset($_SESSION['user_id']);
	  	unset($_SESSION['user_level']);
		unset($_SESSION['user_auth']);
		unset($_SESSION['user_email']);
		unset($_SESSION['ud']);
		unset($_SESSION['user_ip']);
		unset($_SESSION['user_hash']);
	
		$this->log_in_guest();
      	$this->logged_in = false;

		$conf->messages[]='Successfully Logged Out';

	}
	function logout_duplicate($hash)
	{
		
		if(isset($_COOKIE['cook_name']) && isset($_COOKIE['cook_id'])){
         setcookie("cook_name", "", time()-1000, "/");
         setcookie("cook_id",   "", time()-1000, "/");
      	}
		mp('logging out hash # '.$hash);
		delete_sql('active_user','user_hash',$hash,TRUE);
		unset($_SESSION['secret']);
      	unset($_SESSION['user_name']);
      	unset($_SESSION['user_id']);
	  	unset($_SESSION['user_level']);
		unset($_SESSION['user_auth']);
		unset($_SESSION['user_email']);
		unset($_SESSION['ud']);
		unset($_SESSION['user_ip']);
		unset($_SESSION['user_hash']);
	
		$this->log_in_guest();
      	$this->logged_in = false;
		$conf->messages[]='Successfully Logged Out';

	}

	function change_password()
	{
		$user=& new user();
		$user->user_where[0][0]='user_email';
		$user->user_where[0][1]=$this->post['user_email'];
		$user->user_where[0][2]='=';
		$user->user_data=getlistfiltered2('user',NULL,NULL,$user->user_where,FALSE,FALSE,FALSE);
		if(empty($user->user_data))
		{
			$this->error='USERNOTFOUND';
			return false;
		}
		else
		{
			$user->user_email=$this->post['user_email'];
			$user->user_change_password();
		}

	}
	
	
	function check_user()
	{
		
	}
}

$auth_session = new sessions();
?>